?
Solved

Modify my password script

Posted on 1999-07-30
6
Medium Priority
?
210 Views
Last Modified: 2010-03-05
I'm using a password script that I got here on EE last year. A copy of it is posted in the dir http://www.fishhead.com/scripts/password/ as "index-cgi.txt. The way it works now is I put the index.cgi in the directory I want to protect. The source code for the hidden page is in my cgi-bin. If the user enters the correct password, the hidden page is presented. If the wrong password is entered they get an error.html page which is also in my cgi-bin. The script records the invalid passwords in a log file.

What I want to change is for the invalid entries to be shown in the error.html page so the user can actually see their input. That way they know if they just made a simple typo and can try again. Something along the lines of:

The password \"$theinput\" you have entered is invalid.

I also want to add the date of the invalid attempt to the log file. I want to modify the entry line to read something like:

On (the-date)($ENV{REMOTE_HOST) tried to get by the script.

0
Comment
Question by:Gary040897
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 5

Expert Comment

by:thoellri
ID: 1214539
Gary,

change this line:

print LOG "$ENV{REMOTE_HOST} tried to get by the script.\n";

to:

print LOG "On ".scalar(localtime)."$ENV{REMOTE_HOST} tried to get by the script.\n";

to get the date into the log.

And for the second question to display the  wrong password in the error file:
1.) Edit your error.html-file
2.) Add this line (exactly like this) to the file:
The password \"$theinput\" you have entered is invalid.
3.) Modify the loop at the bottom to read:
while(<FUNC>) {
   s/\$(\w+)/${$1}/g;
   print $_;
}

This allows you to embed variable names into the html-page which will be interpolated while the document is printed to the browser. In your case the "$theinput" will be replaced the value, which is the bad password.

Hope this helps
  Tobias
0
 
LVL 5

Expert Comment

by:thoellri
ID: 1214540
Sorry,

Step 3 has to be:

3.) Modify the loop at the bottom to read:
      while(<ErrorPage>) {
         s/\$(\w+)/${$1}/g;
         print $_;
      }

Tobias
0
 

Author Comment

by:Gary040897
ID: 1214541
In my example I thought I would need the "\" in \"$theinput\" but I don't need it in a html file apparently. After I remove them it looked like what I expected. Is there more definitive information on my user than $ENV{REMOTE_HOST}?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:thoellri
ID: 1214542
Gary,

all you can get is $ENV{REMOTE_HOST} (or $ENV{REMOTE_ADDR} for the IP-address, depends on how the server is setup). $ENV{HTTP_USER_AGENT} tells you about the browser and platform the user has.

Sorry
  Tobias

0
 

Author Comment

by:Gary040897
ID: 1214543
That's what I thought. If you will give a proposed answer I will close this question out now. Thank you!
0
 
LVL 5

Accepted Solution

by:
thoellri earned 400 total points
ID: 1214544
Gary,

thanks - here is the fixed repost of my first comment.

Tobias



      Change this line:

      print LOG "$ENV{REMOTE_HOST} tried to get by the script.\n";

      to:

      print LOG "On ".scalar(localtime)."$ENV{REMOTE_HOST} tried to get by the script.\n";

      to get the date into the log.

      And for the second question to display the  wrong password in the error file:
      1.) Edit your error.html-file
      2.) Add this line (exactly like this) to the file:
      The password \"$theinput\" you have entered is invalid.
      3.) Modify the loop at the bottom to read:
      while(<ErrorPage>) {
               s/\$(\w+)/${$1}/g;
               print $_;
            }

This allows you to embed variable names into the html-page which will be interpolated while the document is printed to the browser. In your case the "$theinput" will be replaced the value, which is the bad password.

      Hope this helps
        Tobias
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been pestered over the years to produce and distribute regular data extracts, and often the request have explicitly requested the data be emailed as an Excel attachement; specifically Excel, as it appears: CSV files confuse (no Red or Green h…
There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question